| Autore |
 Discussione  |
|
robyn-1
Average Member
72 Messaggi |
 Inserito il - 24/10/2008 : 11:35:59
|
|
E' da ieri sera che mi sta tormentando e non riesco a debellarlo, continua a saltarmi fuori la finestra di attenzione di Avira, ho bisogno di aiuto, grazie.
|
|
|
robyn-1
Average Member
72 Messaggi |
Inserito il - 24/10/2008 : 11:44:13
|
Premetto che con il PC non so proprio dove mettere le mani, quindi dovrò essere seguito passo per passo come un neonato.
Sto provando con Spybot, spero risolva qualcosa.
Dimenticavo, ho due utenti sulla macchina di cui una personale, entrambi amministratori, se avvio il mio personale non mi appare nessuna icona ma solo la finestra di Avira, sarei anche disposto a formattare, dovrei solo riuscire a recuperare un file di lavoro, come posso fare? |
 |
|
|
shang
Advanced Member
Città: Roma
4879 Messaggi |
Inserito il - 24/10/2008 : 12:11:44
|
ciao
intanto dimentica la parola ''formattare'' le cose vanno risolte e sono qui per aiutarti
segui passo passo quello che ti diro'
____
scarica questo programmino
htt*://[www].trendsecure[.com]/portal/en-US/threat_analytics/hijackthis.php#
Ricordati di mettere HIJACKTHIS in una cartella a lui dedicata (in Programmi o Documenti), l'importante è che non si trovi sul desktop o in cartelle temporanee è importante se vuoi salvare i backup
Apri HijackThis e clicca "Do a system scan and save a logfile''
Quando avrai il log che ti rilascia, postalo qui nel forum
|
|
|
|
robyn-1
Average Member
72 Messaggi |
Inserito il - 24/10/2008 : 14:53:13
|
Scusa il ritardo ma sto anche lavorando e quindi faccio faticata a fare tutto e subito.
Mamma mia se è diventato lento, ecco il LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.44.52, on 24/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\system32\hpnra.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS\system32\imapi.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avwsc.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avwsc.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avwsc.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avwsc.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://[www].progettaregroup.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = htt*://go.microsoft[.com]/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = htt*://go.microsoft[.com]/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = htt*://go.microsoft[.com]/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://go.microsoft[.com]/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: {1bae6002-44e2-ff18-3854-42fca0e25832} - {23852e0a-cf24-4583-81ff-2e442006eab1} - C:\WINDOWS\system32\hkpjur.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7CF39625-C5B6-40DA-AADC-002E8F5D852C} - C:\WINDOWS\system32\wvUllklj.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {EF8820EB-F11E-4DD6-BC6C-D99084691C18} - C:\WINDOWS\system32\yayxYpPF.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HP Network Registry Agent] C:\WINDOWS\system32\hpnra.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [JobHisInit] C:\Programmi\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Programmi\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Programmi\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Programmi\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD.lnk = C:\Programmi\File comuni\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: Aggiungi a PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: [No-Spam]xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - htt*://mappe[.com]une.verona.it/MapGuide_plugin/mgaxctrl .cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - htt*://[www].nvidia[.com]/content/DriverDownload/nforce/NvidiaSmartScan .cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - htt*://fpdownload2.macromedia[.com]/get/shockwave/cabs/flash/swflash .cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: hkpjur.dll
O20 - Winlogon Notify: yayxYpPF - C:\WINDOWS\SYSTEM32\yayxYpPF.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal ñ Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal ñ Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 11716 bytes
|
|
|
|
shang
Advanced Member
Città: Roma
4879 Messaggi |
Inserito il - 24/10/2008 : 16:15:36
|
allora....hai un bel po' di robaccia
apri hijackthis, spunta le voci relative a quelle che ti indico, e premi FIX CHECKED
O2 - BHO: (no name) - {7CF39625-C5B6-40DA-AADC-002E8F5D852C} - C:\WINDOWS\system32\wvUllklj.dll
O2 - BHO: (no name) - {EF8820EB-F11E-4DD6-BC6C-D99084691C18} - C:\WINDOWS\system32\yayxYpPF.dll
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - htt*://[www].nvidia[.com]/content/DriverDownload/nforce/NvidiaSmartScan .cab
O20 - AppInit_DLLs: hkpjur.dll
O20 - Winlogon Notify: yayxYpPF - C:\WINDOWS\SYSTEM32\yayxYpPF.dll
_____
Fatto questo, vai qui
htt*://[www].kaspersky[.com]/virusscanner
clicca su "kaspersky online scanner"
clicca su "accept"
--- verrà eseguito il download dei componenti necessari alla scansione
quando è terminato clicca su "my computer" (finestra a sinistra)
avvia la scansione
--- da questo punto in poi, puoi anche disconnettere il pc da internet
quando finisce la scansione, salva e posta il rapporto.
|
|
|
|
robyn-1
Average Member
72 Messaggi |
Inserito il - 24/10/2008 : 17:24:01
|
| hijackthis lo avevo chiuso, devo rifare il log? |
|
|
|
robyn-1
Average Member
72 Messaggi |
Inserito il - 24/10/2008 : 17:33:57
|
Scusami, ti riposto il Log, la prima voce che dovevo fixare è cambiata....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.29.13, on 24/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\hpnra.exe
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\File comuni\Autodesk Shared\acstart17.exe
C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://[www].progettaregroup.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = htt*://go.microsoft[.com]/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = htt*://go.microsoft[.com]/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = htt*://go.microsoft[.com]/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://go.microsoft[.com]/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02F3D502-69F1-4A1C-9AD5-13ABAB0B8105} - C:\WINDOWS\system32\wvUllklj.dll
O2 - BHO: {1bae6002-44e2-ff18-3854-42fca0e25832} - {23852e0a-cf24-4583-81ff-2e442006eab1} - C:\WINDOWS\system32\hkpjur.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {EF8820EB-F11E-4DD6-BC6C-D99084691C18} - C:\WINDOWS\system32\yayxYpPF.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HP Network Registry Agent] C:\WINDOWS\system32\hpnra.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [JobHisInit] C:\Programmi\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Programmi\RDS\RMClient\MplSetUp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Programmi\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD.lnk = C:\Programmi\File comuni\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: Aggiungi a PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: [No-Spam]xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - htt*://mappe[.com]une.verona.it/MapGuide_plugin/mgaxctrl .cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - htt*://[www].nvidia[.com]/content/DriverDownload/nforce/NvidiaSmartScan .cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - htt*://fpdownload2.macromedia[.com]/get/shockwave/cabs/flash/swflash .cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: hkpjur.dll
O20 - Winlogon Notify: yayxYpPF - C:\WINDOWS\SYSTEM32\yayxYpPF.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal ñ Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal ñ Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 10250 bytes
|
|
|
|
shang
Advanced Member
Città: Roma
4879 Messaggi |
Inserito il - 24/10/2008 : 20:43:22
|
scarica Vundofix sul desktop
htt*://[www].atribune.org/ccount/click.php?id=4
lancialo metti la spunta su "Run VundoFix as a task"
riceverai un messaggio che vundofix si chiuderà e riaprirà in un minuto o meno, quando il programma si riaprirà clicca OK
clicca su "Scan for Vundo" quando ha finito di fare la scansione clicca su "Remove vundo"
clicca YES alla domanda se vuoi rimuovere i files,quindi inizierà a rimuovere le dll del vundo ,quando ha finito ti dirà che dovrà spegnere il pc clicca OK.
Riaccendi il pc e allega il file C:\vundofix.txt in un post |
|
|
|
robyn-1
Average Member
72 Messaggi |
Inserito il - 24/10/2008 : 20:49:10
|
| All'inizio con hijackthis non ho fixato niente perchè stupidamente l'avevo chiuso, quando l'ho riaperto ed ho rifatto il Log alcuni file che mi avevi detto di fixare erano cambiati, cosa devo fare? Devo fixarli con hijackthis oppure lascio stare e vado direttamente di Vundofix? |
|
|
|
shang
Advanced Member
Città: Roma
4879 Messaggi |
Inserito il - 24/10/2008 : 20:53:17
|
| fai prima vundofix poi mi posti di nuovo hjt |
|
|
|
robyn-1
Average Member
72 Messaggi |
Inserito il - 24/10/2008 : 21:19:43
|
Ho due problemi:
1) Quando lancio Vundofix ma non trovo dove mettere la spunta su "Run VundoFix as a task", nella schermata di avvio ho solo Scan for Vundo e Fix Vundo.
2) Non c'è modo di spegnere Antivir Guard? Tutte quelle finestre che si aprono mi impediscono di fare qualsiasi operazione... |
|
|
|
shang
Advanced Member
Città: Roma
4879 Messaggi |
Inserito il - 24/10/2008 : 21:27:39
|
prova con Scan for Vundo ed elimina cio' che trova
|
|
|
|
robyn-1
Average Member
72 Messaggi |
Inserito il - 24/10/2008 : 21:59:57
|
Non ha trovato niente...
faccio partire hijackthis?
|
|
|
|
shang
Advanced Member
Città: Roma
4879 Messaggi |
Inserito il - 24/10/2008 : 22:09:16
|
| ricordi le voci da fixare? |
|
|
|
robyn-1
Average Member
72 Messaggi |
Inserito il - 24/10/2008 : 22:11:46
|
Ti posto il log appena fatto
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.10.42, on 24/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\hpnra.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://[www].progettaregroup.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = htt*://go.microsoft[.com]/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = htt*://go.microsoft[.com]/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = htt*://go.microsoft[.com]/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = htt*://go.microsoft[.com]/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {16F4FFB7-D96E-416C-A4D8-3A42FCFD8A84} - C:\WINDOWS\system32\wvUllklj.dll
O2 - BHO: {1bae6002-44e2-ff18-3854-42fca0e25832} - {23852e0a-cf24-4583-81ff-2e442006eab1} - C:\WINDOWS\system32\hkpjur.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {EF8820EB-F11E-4DD6-BC6C-D99084691C18} - C:\WINDOWS\system32\yayxYpPF.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programmi\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HP Network Registry Agent] C:\WINDOWS\system32\hpnra.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [JobHisInit] C:\Programmi\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Programmi\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Programmi\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Programmi\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD.lnk = C:\Programmi\File comuni\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: Aggiungi a PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: [No-Spam]xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - htt*://mappe[.com]une.verona.it/MapGuide_plugin/mgaxctrl .cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - htt*://[www].nvidia[.com]/content/DriverDownload/nforce/NvidiaSmartScan .cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - htt*://fpdownload2.macromedia[.com]/get/shockwave/cabs/flash/swflash .cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: hkpjur.dll
O20 - Winlogon Notify: yayxYpPF - C:\WINDOWS\SYSTEM32\yayxYpPF.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal ñ Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal ñ Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Programmi\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 10160 bytes
|
|
|
|
shang
Advanced Member
Città: Roma
4879 Messaggi |
Inserito il - 24/10/2008 : 22:18:33
|
aspetta che controllo il log(e' la terza volta)  |
|
|
|
Discussione |
|
TR/Vundo.Gen Trojan
Forum Bloccato
